Re: exploring debian's users and groups
On Mon, 13 Aug 2001, Marc Haber wrote:
> On Sun, 12 Aug 2001 16:18:39 -0800, Ethan Benson <erbenson@alaska.net>
> wrote:
> >On Sun, Aug 12, 2001 at 11:19:59PM +0200, Marc Haber wrote:
> >> The ftp daemon would then run as www-data?
> >
> >NO!!
> >
> >what are you smoking that gives you that idea??
> >
> >annoymous ftp should run as a dedicated ftpd user with NO PRIVILEGES,
> >and should own NO FILES. if you are irresponsible enough to allow
> >lusers to login to thier accounts with ftp they will have the same
> >privilieges and group memberships as a ssh login and thus would be
> >able to modify the same files as in a ssh login.
>
> Neither am I talking about anonymous ftp, nor of shell users logging
> in. What I am talking about is a web hosting environment, where -
> unfortunately - ftp is still the preferred method of accessing the web
> data for the customers. scp or other means are not an option since
> neither Frontpage nor Dreamweaver can do anything but ftp and the
This is not true. Frontpage supports so called Webfolders which is nothing
else but WebDAV from the HTTP1.1 Standard. This can easily be enabled in
apache using mod_dav. It is also supported by newer M$-Office, Internet
and Windows Exploder (and e.g. cadaver on the linux console).
To use it the files in the document root must have the owner/group the
webserver runs as (i.e. www-data on Debian) and you cannot
(safely) support any other means of administration.
--
Manfred Wassmann
PGP and GnuPG public keys available at http://germany.keyserver.net
PGP: 24B81049 Fingerprint: D7 10 EE 2B 74 16 C0 64 B4 5F BA B2 90 29 3D AF
GPG: 6B299971 Fingerprint: A598 A41F 57A3 5D69 83D2 8027 1274 F8CD 6B29 9971
Reply to: